During the past decade, smartphone developers have been improving security mechanisms in smartphone runtimes out of necessity. Unfortunately, these security improvements have frequently been left unimplemented in the smartphone’s corresponding baseband controller, and notable exploitations have occurred as a result. Developers of all cyber physical systems should take note: any processor running software could be the target of an attack; especially if that software processes raw inputs from sensors. In this paper we investigate specific exploitations that have been proven effective against baseband controllers, and examine the methodologies recommended by the exploit authors to protect against them. We conclude by presenting some design and implementation techniques that can be used to enhance the security posture of mindful developers of cyber physical systems.
This paper describes some patterns for information security problems that consistently emerge
among traditional enterprise networks and applications, both with respect to cyber threats and data
sensitivity. We draw upon cases from qualitative studies and interviews of system developers, network
operators, and certifiers of military applications. Specifically, the problems discussed involve sensitivity of
data aggregates, training efficacy, and security decision support in the human machine interface. While
proven techniques can address many enterprise security challenges, we provide additional
recommendations on how to further improve overall security posture, and suggest additional research
thrusts to address areas where known gaps remain.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
INSTITUTIONAL Select your institution to access the SPIE Digital Library.
PERSONAL Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.